Re: [PHP] Regex validation
After ceo posted about the imap function I was eager to try it out and got rather disappointed pretty soon. imap_rfc822_parse_adrlist() should not be used for email validation! EXAMPLE: ?php var_dump(imap_rfc822_parse_adrlist('! # $ % * + - / = ? ^ _ ` { | } ~', '')); ? The above code will output: array(1) { [0]= object(stdClass)(2) { [mailbox]= string(36) ! # $ % * + - / = ? ^ _ ` { | } ~ [host]= string(0) } } Although ! # $ % * + - / = ? ^ _ ` { | } ~@example.com would be a valid email address! Without the '@example.com' it is not. Have a look at the user comments at [1], where one user has further examples. [1] http://us.php.net/manual/en/function.imap-rfc822-parse-adrlist.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
var_dump(imap_rfc822_parse_adrlist('! # $ % * + - / = ? ^ _ ` { | } ~', '')); This looks like a valid localhost email address to me... What's wrong with it? :-v You may want to check that host is non-empty, if you do not expect any localhost users, and fail on that condition, however. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
ceo wrote: var_dump(imap_rfc822_parse_adrlist('! # $ % * + - / = ? ^ _ ` { | } ~', '')); This looks like a valid localhost email address to me... It surely is a valid localhost email address, but what most people (and the OP) usually need is to validate a full email string with a local and a domain part. What should be valid email addresses according to RFC 2822 [1]: !#$%*+-/=?^_`{|[EMAIL PROTECTED] @@example.com Not valid email addresses: \@example.com @@example.com - [EMAIL PROTECTED] Valid email addresses according to the Multipurpose Internet Mail Extension (MIME) [2]: [EMAIL PROTECTED] [EMAIL PROTECTED] So for people who got to write code that also works on PHP4 it is not very easy to validate an email address. Even nice regex attempts like [3] fail since more and more mail servers support the MIME hieroglyphs. That's why I was pretty excited about imap_rfc822_parse_adrlist(), since it runs in PHP4 if installed. Which clearly is no substitute for the PHP5+ filter functions [4]. If it's just my brain farting and there actually then tell me. [1] http://www.faqs.org/rfcs/rfc2822.html [2] http://en.wikipedia.org/wiki/MIME [3] http://www.addedbytes.com/php/email-address-validation/ [4] http://in.php.net/filter
Re: [PHP] Regex validation
On Tue, Oct 28, 2008 at 8:57 PM, VamVan [EMAIL PROTECTED] wrote: SSO process: $_POST the Email Address and password Get Authenticated, Get the COOKIE ( Through Oracle IDM suite SOAP call) Decrypt the COOKIE ( Through Oracle Enterprise business suite SOAP call) and get the profile Info Thats what happens now. But there is a glitch in the decryption algorithm we currently have. And when we decrypt + or some thing else comes with funny characters and does not authenticate. So I need to restrict them for now. When the algorithm gets corrected then I will use standard RFC. Are they not base64 encoded? I have had issues in decrypting elements that were not base64 encoded as some characters would end up mimicing EOL or otherwise dropping data -- Bastien Cat, the other other white meat
Re: [PHP] Regex validation
When it comes to email validation, I would recommend using the IMAP function which will be both fast and correct: http://us.php.net/manual/en/function.imap-rfc822-parse-adrlist.php Otherwise, it's guaranteed that you are having at least some false positives, and probably some false negatives. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
On Wed, Oct 29, 2008 at 5:36 AM, [EMAIL PROTECTED] wrote: When it comes to email validation, I would recommend using the IMAP function which will be both fast and correct: http://us.php.net/manual/en/function.imap-rfc822-parse-adrlist.php Otherwise, it's guaranteed that you are having at least some false positives, and probably some false negatives. Didn't know about those IMAP functions. And they even work in PHP4. Thanks for telling. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Regex validation
Hello Team of Nerds, I need help in writing a regular expression for this: invalid character set is: INVALID_STRING={/,*,+,(,),'\',:,;,~,..,.@,@.}; I want to a pregmatch for these characters on my whole email address and if match is found I need to return false. Thank you
Re: [PHP] Regex validation
On Tue, Oct 28, 2008 at 4:10 PM, VamVan [EMAIL PROTECTED] wrote: Hello Team of Nerds, I need help in writing a regular expression for this: invalid character set is: INVALID_STRING={/,*,+,(,),'\',:,;,~,..,.@,@.}; Then you need to STFW and RTFM. PHP uses Perl-style regexp's, by the way. The best place to start, in my opinion, and a site you should bookmark, is Jan Goyvaerts'[1] site. He's done a fantastic job for people of varying degrees of /regexpertise/: http://www.regular-expressions.info/ 1: [MEDIA] http://www.just-great-software.com/special/JanGoyvaerts.wav -- /Daniel P. Brown http://www.parasane.net/ [New Look] [EMAIL PROTECTED] || [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
Hello Team of Nerds, Not the best way to start your request for help. I need help in writing a regular expression for this: invalid character set is: INVALID_STRING={/,*,+,(,),'\',:,;,~,..,.@,@.}; I want to a pregmatch for these characters on my whole email address and if match is found I need to return false. Based on what you've said, you might not need a regex, there may well be an str* function that you can use. Maybe strpos(). -- Richard Heyes HTML5 Graphing for FF, Chrome, Opera and Safari: http://www.rgraph.org (Updated October 25th) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
VamVan wrote: Hello Team of Nerds, I need help in writing a regular expression for this: invalid character set is: INVALID_STRING={/,*,+,(,),'\',:,;,~,..,.@,@.}; I want to a pregmatch for these characters on my whole email address and if match is found I need to return false. Thank you If your trying to filter E-Mail addresses, then filter_var is what you should use: http://php.net/filter_var Thank you, Micah Gersten onShore Networks Internal Developer http://www.onshore.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Regex validation
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Richard Heyes Sent: Tuesday, October 28, 2008 4:30 PM To: VamVan Cc: php List Subject: Re: [PHP] Regex validation Hello Team of Nerds, Not the best way to start your request for help. I need help in writing a regular expression for this: invalid character set is: INVALID_STRING={/,*,+,(,),'\',:,;,~,.., .@,@.}; I want to a pregmatch for these characters on my whole email address and if match is found I need to return false. Based on what you've said, you might not need a regex, there may well be an str* function that you can use. Maybe strpos(). I thought so at first, but it appears the final 3 array members of INVALID_STRING are two characters wide. That could, of course, be handled with a different algorithm from the other, one-character members. Todd Boyd Web Programmer -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
If your trying to filter E-Mail addresses, then filter_var is what you should use: http://php.net/filter_var If the OP (original poster) got PHP5+ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
Good to know filter_var() exists in PHP5 Unless you have PHP5 you better validate the string in the way of checking if it is fit's to your allowed characters and not checking if it contains the NOT allowed charaters. You better use: [a-z0-9A-Z\_\.]+ instead of [^\)\(\*\[EMAIL PROTECTED] and I haven't started yet with the weirdy ones HTH, Nitsan On Wed, Oct 29, 2008 at 12:10 AM, Yeti [EMAIL PROTECTED] wrote: If your trying to filter E-Mail addresses, then filter_var is what you should use: http://php.net/filter_var If the OP (original poster) got PHP5+ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
Thank Guys, I at least got part of it working , not the double words but almost everything else than that: function _email_validate($mail_address){ $invalid_charset_pattern = [(*+?)|~:;{}/ ]; if(ereg($invalid_charset_pattern, $mail_address)){ return false; }else{ return true; } } Thanks for the inputs On Tue, Oct 28, 2008 at 3:31 PM, Nitsan Bin-Nun [EMAIL PROTECTED] wrote: Good to know filter_var() exists in PHP5 Unless you have PHP5 you better validate the string in the way of checking if it is fit's to your allowed characters and not checking if it contains the NOT allowed charaters. You better use: [a-z0-9A-Z\_\.]+ instead of [^\)\(\*\[EMAIL PROTECTED] and I haven't started yet with the weirdy ones HTH, Nitsan On Wed, Oct 29, 2008 at 12:10 AM, Yeti [EMAIL PROTECTED] wrote: If your trying to filter E-Mail addresses, then filter_var is what you should use: http://php.net/filter_var If the OP (original poster) got PHP5+ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
Keep in mind that ereg will disappear with PHP 6. You might want to use the preg functions: http://www.making-the-web.com/2007/09/21/becoming-php-6-compatible/ Thank you, Micah Gersten onShore Networks Internal Developer http://www.onshore.com VamVan wrote: Thank Guys, I at least got part of it working , not the double words but almost everything else than that: function _email_validate($mail_address){ $invalid_charset_pattern = [(*+?)|~:;{}/ ]; if(ereg($invalid_charset_pattern, $mail_address)){ return false; }else{ return true; } } Thanks for the inputs On Tue, Oct 28, 2008 at 3:31 PM, Nitsan Bin-Nun [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Good to know filter_var() exists in PHP5 Unless you have PHP5 you better validate the string in the way of checking if it is fit's to your allowed characters and not checking if it contains the NOT allowed charaters. You better use: [a-z0-9A-Z\_\.]+ instead of [^\)\(\*\[EMAIL PROTECTED] and I haven't started yet with the weirdy ones HTH, Nitsan On Wed, Oct 29, 2008 at 12:10 AM, Yeti [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: If your trying to filter E-Mail addresses, then filter_var is what you should use: http://php.net/filter_var If the OP (original poster) got PHP5+ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
On Tue, 2008-10-28 at 18:07 -0500, Micah Gersten wrote: Keep in mind that ereg will disappear with PHP 6. You might want to use the preg functions: http://www.making-the-web.com/2007/09/21/becoming-php-6-compatible/ Thank you, Micah Gersten onShore Networks Internal Developer http://www.onshore.com VamVan wrote: Thank Guys, I at least got part of it working , not the double words but almost everything else than that: function _email_validate($mail_address){ $invalid_charset_pattern = [(*+?)|~:;{}/ ]; if(ereg($invalid_charset_pattern, $mail_address)){ return false; }else{ return true; } } Thanks for the inputs On Tue, Oct 28, 2008 at 3:31 PM, Nitsan Bin-Nun [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Good to know filter_var() exists in PHP5 Unless you have PHP5 you better validate the string in the way of checking if it is fit's to your allowed characters and not checking if it contains the NOT allowed charaters. You better use: [a-z0-9A-Z\_\.]+ instead of [^\)\(\*\[EMAIL PROTECTED] and I haven't started yet with the weirdy ones HTH, Nitsan On Wed, Oct 29, 2008 at 12:10 AM, Yeti [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: If your trying to filter E-Mail addresses, then filter_var is what you should use: http://php.net/filter_var If the OP (original poster) got PHP5+ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Also, according to the official spec, +, and are all valid email address characters. Ash www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
Yeah, I understand that its allowed in RFC. But unfortunately I use SSO layer which decrypts the Cookie to get email address. This is where it messes up. So I have decided not to allow people to use that as well. Thanks On Tue, Oct 28, 2008 at 5:10 PM, Ashley Sheridan [EMAIL PROTECTED]wrote: On Tue, 2008-10-28 at 18:07 -0500, Micah Gersten wrote: Keep in mind that ereg will disappear with PHP 6. You might want to use the preg functions: http://www.making-the-web.com/2007/09/21/becoming-php-6-compatible/ Thank you, Micah Gersten onShore Networks Internal Developer http://www.onshore.com VamVan wrote: Thank Guys, I at least got part of it working , not the double words but almost everything else than that: function _email_validate($mail_address){ $invalid_charset_pattern = [(*+?)|~:;{}/ ]; if(ereg($invalid_charset_pattern, $mail_address)){ return false; }else{ return true; } } Thanks for the inputs On Tue, Oct 28, 2008 at 3:31 PM, Nitsan Bin-Nun [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Good to know filter_var() exists in PHP5 Unless you have PHP5 you better validate the string in the way of checking if it is fit's to your allowed characters and not checking if it contains the NOT allowed charaters. You better use: [a-z0-9A-Z\_\.]+ instead of [^\)\(\*\[EMAIL PROTECTED] and I haven't started yet with the weirdy ones HTH, Nitsan On Wed, Oct 29, 2008 at 12:10 AM, Yeti [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: If your trying to filter E-Mail addresses, then filter_var is what you should use: http://php.net/filter_var If the OP (original poster) got PHP5+ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Also, according to the official spec, +, and are all valid email address characters. Ash www.ashleysheridan.co.uk
Re: [PHP] Regex validation
VamVan a écrit : This is where it messes up. So I have decided not to allow people to use that as well. By that way, you're making a lot of ennemies on this very list :D -- Mickaël Wolff aka Lupus Michaelis http://lupusmic.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
What are you talking about with a cookie and an E-Mail address? Thank you, Micah Gersten onShore Networks Internal Developer http://www.onshore.com VamVan wrote: Yeah, I understand that its allowed in RFC. But unfortunately I use SSO layer which decrypts the Cookie to get email address. This is where it messes up. So I have decided not to allow people to use that as well. Thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Regex validation
SSO process: $_POST the Email Address and password Get Authenticated, Get the COOKIE ( Through Oracle IDM suite SOAP call) Decrypt the COOKIE ( Through Oracle Enterprise business suite SOAP call) and get the profile Info Thats what happens now. But there is a glitch in the decryption algorithm we currently have. And when we decrypt + or some thing else comes with funny characters and does not authenticate. So I need to restrict them for now. When the algorithm gets corrected then I will use standard RFC. On Tue, Oct 28, 2008 at 5:41 PM, Micah Gersten [EMAIL PROTECTED] wrote: What are you talking about with a cookie and an E-Mail address? Thank you, Micah Gersten onShore Networks Internal Developer http://www.onshore.com VamVan wrote: Yeah, I understand that its allowed in RFC. But unfortunately I use SSO layer which decrypts the Cookie to get email address. This is where it messes up. So I have decided not to allow people to use that as well. Thanks
Re: [PHP] Regex validation
How is anything but your webserver decrypting the $_POST data? PHP should get it after that as is. Thank you, Micah Gersten onShore Networks Internal Developer http://www.onshore.com VamVan wrote: SSO process: $_POST the Email Address and password Get Authenticated, Get the COOKIE ( Through Oracle IDM suite SOAP call) Decrypt the COOKIE ( Through Oracle Enterprise business suite SOAP call) and get the profile Info Thats what happens now. But there is a glitch in the decryption algorithm we currently have. And when we decrypt + or some thing else comes with funny characters and does not authenticate. So I need to restrict them for now. When the algorithm gets corrected then I will use standard RFC. On Tue, Oct 28, 2008 at 5:41 PM, Micah Gersten [EMAIL PROTECTED] wrote: What are you talking about with a cookie and an E-Mail address? Thank you, Micah Gersten onShore Networks Internal Developer http://www.onshore.com VamVan wrote: Yeah, I understand that its allowed in RFC. But unfortunately I use SSO layer which decrypts the Cookie to get email address. This is where it messes up. So I have decided not to allow people to use that as well. Thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php